DOCSLIB.ORG

Prelude User Manual General Configuration

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Prelude User Manual [[PreludeForeword|Foreword]] 1. Introduction 1. [[PreludeGlossary|Glossary]] 2. [[PreludeComponents|Prelude Components]] 3. [[PreludeArchitecture|Prelude Architecture]] 4. [[PreludeStandards|Prelude Standards]] 5. [[PreludeCompatibility|Prelude Compatibility]] 2. Installation 1. [[InstallingPreludeRequirement|Installation Requirements]] 2. [[InstallingPrelude|Installation from sources]] 1. [[InstallingPreludeLibrary|Libprelude]] 2. [[InstallingPreludeDbLibrary|LibpreludeDB]] 3. [[InstallingPreludeManager|Prelude Manager]] 4. [[InstallingPreludeCorrelator|Prelude Correlator]] 5. [[InstallingPreludeLml|Prelude LML]] 6. [[InstallingPreludePrewikka|Prewikka]] 3. [[InstallingPackage|Installation from packages]] 4. [[AgentsInstallation|Agents Installation]] 1. [[InstallingAgentRegistration|Agents Registration]] 2. [[InstallingAgentThirdparty|3rd Party Agents Installation]] 3. Configuration 1. [[ConfigurationGeneral|General Configuration]] 2. [[PreludeComponentsConfiguration|Prelude Components Configuration]] 1. [[PreludeManager|Prelude-Manager]] 2. [[PreludeCorrelator|Prelude-Correlator]] 3. [[PreludeLml|Prelude-LML]] 4. [[PreludeImport|Prelude-Import]] 3. [[HowtoHACentralServices|Howto Configure High Availability Central Services]] 4. Optimisation 1. [[DatabaseOptimisation|Database Optimisation]] 5. User Manuals 1. [[ManualPrewikka|Prewikka Manual]] 2. [[ManualPreludeAdmin|Prelude-Admin Manual]] 3. [[ManualPreludeDbAdmin|PreludeDB-Admin Manual]] 6. Development 1. [[DevelopmentGuidelines|Development guidelines]] 2. [[SourceOrganization|Source organization]] 3. [[PrewikkaApps|Prewikka Apps]] 4. [[DevelAgentQuickly|Prelude Agent]] 5. [[PreludeAgentContribution|Prelude Agent Contribution program]] 6. [[libpreludeAPI|Libprelude API]] 7. [[libpreludedbAPI|Libpreludedb API]] 8. [[ContinuousIntegration|Prelude CI]] General Configuration All Prelude agents have a common set of options, provided through the Prelude framework. You might modify these options system wide or in the Prelude specific configuration file a client might provide. All options defined system wide might be overriden in the client own Prelude configuration file. These are just template values that the client will use in case the values are not defined in the client own Prelude configuration file. Once the Prelude library is installed, you can tune system wide options using the following configuration files (replace $PREFIX with your installation prefix, usually /usr or /usr/local): $PREFIX/etc/prelude/default/client.conf $PREFIX/etc/prelude/default/global.conf $PREFIX/etc/prelude/default/idmef-client.conf $PREFIX/etc/prelude/default/global.conf 08/02/2016 1/61 This is the common configuration file used by all Prelude programs (sensors, prelude-manager). It provides a system wide template for common IDMEF attributes used by sensors. All of theses settings are optional, but keep in mind setting them will help you to keep track of where an event is coming from, especially in a distributed environment with a high number of sensors. The heartbeat-interval option defines how often a Prelude client should send a heartbeat (the default is 600 seconds). You can define IDMEF attributes to be carried by events emitted by the programs using the framework. All of these settings are optional, but keep in mind setting them will help you to keep track of where an event is coming from, especially in a distributed environment with a high number of sensors. - analyzer-name: Name for the analyzer (By default, this is set to the profile name used by the sensor). - node-name: Name of the equipment (usually the name of the machine this sensor is running on). - node-location: Location of the equipment (could be a city, or a country). - node-category: The type of node the clients are runing on (usually hosts). You might also want to define one or several node-address section, containing the following options: - address: The address of the equipment. - netmask: Netmask for this address. - vlan-name: Name of the Virtual Lan to which the address resides in. - vlan-num: Number of the Virtual Lan to which the address resides in. - category: Type of address represented (usually ipv4-addr or ipv6-addr). $PREFIX/etc/prelude/default/client.conf In this configuration file, you can configure the connection string that clients, which need to connect to a Prelude Manager, will use. You can use boolean '\|\|' (OR) and '&&' (AND) to set up a redundant configuration environment. Note that whatever you specify here, any events sent through the Prelude framework are saved in case the remote Manager goes down. In this case, all events will be saved and the client will periodically attempt to reconnect and flush saved events. Here are a few configuration examples: server-addr = x.x.x.x Connect and send events to x.x.x.x. server-addr = x.x.x.x && y.y.y.y Connect and send events to both x.x.x.x and y.y.y.y. server-addr = x.x.x.x || y.y.y.y Connect and send events to x.x.x.x, or fallback to y.y.y.y if x.x.x.x failed. $PREFIX/etc/prelude/default/idmef-client.conf This file includes both $PREFIX/etc/prelude/default/global.conf and $PREFIX/etc/prelude/default/client.conf. It is often used as the template by clients that need to connect to a prelude-manager. You probably should not modify this file directly (use global.conf and client.conf). Howto Configure High Availability Prelude Central Services This is an example configuration utilizing two machines to provide a high availability pair for the central Prelude services, which include: [[PreludeManager|Prelude-Manager]] [[PreludeCorrelator|Prelude-Correlator]], [[Prewikka]], and MySQL. 08/02/2016 2/61 Table of Contents Heartbeat will control the failing over of hard failures, such as a machine going down or total loss of connectivity. Both servers will maintain an up-to-date set of databases, and either can take over at a moments notice as the primary. You will need to use some form of monitoring, such as Nagios to handle service failures - thus alerting you when a manual failover is required (such as if a particular service dies, but the hardware remains operational and reachable). Things that are assumed: - You will need at least two ethernet interfaces per server (and two servers). - Assumes you have eth0 configured with IP/hostnames on both boxes. This example uses preludecentral_1 and preludecentral_2, and a VIP (virtual IP) with associated hostname, such as preludecentral. Make sure you also add the VIP/hostname to DNS/host/etc., as this is what you expose to your clients/relays/agents/etc. - This document assumes high availability for fault tolerance, not for performance. Although you could stagger which services are offered where, etc. MySQL Multi-Master Replication Configuration You must have installed MySQL v5.x or above. Some features to avoid collisions in multi-master replication are only available in MySQL v5.x 1. Setup secondary ethernet interfaces - Setup eth1 on each server to be an unused private network for use by your HA pair. - Connect with a crossover cable between them. 2. Make the following additions on both servers in /etc/my.cnf, under [mysqld] section: wait_timeout=259200 interactive_timeout=259200 max_connections=200 log-bin=<$HOSTNAME>-mysql-bin #change hostname to be each machines hostname server-id={1,2} #set one server for 1 and the other for 2 auto_increment_increment=2 auto_increment_offset={1,2} #set one server for 1 and the other for 2 # Timeouts and max connections have been increased to handle a client disconnect issue. # Various other settings can be adjusted to the specs of your machine, such as buffer sizes, log sizes, etc. 3. Change datadir in /etc/my.cnf to be on a partition of its own of acceptable size, edit /etc/fstab, and add "async,noatime" as options for the partition used for the MySQL database directory. 4. Run mysql on each server: - Enter at prompt: GRANT REPLICATION SLAVE on *.* TO some_replication_user IDENTIFIED by 'putreplicationpasswordhere'; 5. Add to the end of the mysql binary line in the start section of /etc/init.d/mysqld - --relay-log=<$HOSTNAME>-relay-bin #make sure to specify the correct hostname 6. From each server's mysql command-line: show master status; 7. From each server's mysql command-line: change master to master_host='<other hosts eth1 private ip address>', master_user='<username setup earlier for replication>', master_password='<password used earlier for replication>', master_log_file='<output of 1st column from above step on other server', master_log_pos=<output of 2nd column from above step on other server>; 8. Restart mysqld on each of the servers 9. Configure a root mysql password from the mysql command-line (only needs to be done on one server): - SET password for root@localhost=password('putmysqlrootpasswordhere'); - FLUSH PRIVILEGES; Prelude Central Components 1. You must install [[InstallingPreludeLibrary|Libprelude]] [[InstallingPreludeDbLibrary|LibpreludeDB]] [[InstallingPreludeManager|Prelude-Manager]] [[InstallingPreludeCorrelator|Prelude-Correlator]] and [[InstallingPreludePrewikka|Prewikka]] on both machines. 2. All of the central Prelude services should have the same configuration files on both servers (ie. prelude-manager, 08/02/2016 3/61 prelude-correlator, apache, etc.) 3. When importing the prelude and prewikka schemas to their respective databases, it only needs to be done on one of the servers, it will be replicated to the other automatically. 4. Copy over profiles (if you have a Prelude Central already setup) or register for all profiles needed:
Recommended publications
  • Integrity Checking of Operating Systems with Respect to Kernel Level Malware”

    Integrity Checking of Operating Systems with Respect to Kernel Level Malware”

    To Bianca, for being who you are. Abstract Kernel-mode rootkits have gained a considerable momentum within the blackhat com- munity. They represent a considerable threat to any computer system, as they pro- vide an intruder with the ability to hide the presence of his malicious activity. These rootkits make changes to the operating system’s kernel, thereby providing particularly stealthy hiding techniques. Considering the kernel rootkit threat and other threats, the collection of reliable information from a compromised system becomes a central problem within the domain of computer security. This thesis addresses this problem. It looks at the possibility of using virtualization as a means to facilitate kernel-mode rootkit detection through integrity checking. The thesis describes several areas within the Linux kernel, which are commonly subverted by kernel-mode rootkits. It introduces the reader to the concept of virtual- ization and describes several technologies employing virtualization. The kernel-mode rootkit threat is then addressed through a description of their hiding methodologies. Some of the existing methods for malware detection are also addressed and analysed. A number of general requirements, which need to be satisfied by a general model enabling kernel-mode rootkit detection, are identified. A model addressing these requirements is suggested, and a framework implementing the model is set-up. The detection capabilities of the framework are tested on a couple of rootkits. iii Preface This report presents the results of my master thesis “Integrity checking of operating systems with respect to kernel level malware”. It is written as part of the Master de- gree (Sivilingeniør) in Computer Science at the Norwegian University of Science and Technology (NTNU), during Spring 2005.
  • Bottle Documentation Release 0.12.19

    Bottle Documentation Release 0.12.19

    Bottle Documentation Release 0.12.19 Marcel Hellkamp Sep 24, 2021 Contents 1 User’s Guide 3 1.1 Tutorial..................................................3 1.2 Configuration (DRAFT)......................................... 23 1.3 Request Routing............................................. 26 1.4 SimpleTemplate Engine......................................... 28 1.5 API Reference.............................................. 32 1.6 List of available Plugins......................................... 45 2 Knowledge Base 49 2.1 Tutorial: Todo-List Application..................................... 49 2.2 Primer to Asynchronous Applications.................................. 64 2.3 Recipes.................................................. 67 2.4 Frequently Asked Questions....................................... 71 3 Development and Contribution 73 3.1 Release Notes and Changelog...................................... 73 3.2 Contributors............................................... 76 3.3 Developer Notes............................................. 78 3.4 Plugin Development Guide....................................... 82 4 License 89 Python Module Index 91 Index 93 i ii Bottle Documentation, Release 0.12.19 Bottle is a fast, simple and lightweight WSGI micro web-framework for Python. It is distributed as a single file module and has no dependencies other than the Python Standard Library. • Routing: Requests to function-call mapping with support for clean and dynamic URLs. • Templates: Fast and pythonic built-in template engine and support for mako,
  • A Brief Study and Comparison Of, Open Source Intrusion Detection System Tools

    A Brief Study and Comparison Of, Open Source Intrusion Detection System Tools

    International Journal of Advanced Computational Engineering and Networking, ISSN: 2320-2106, Volume-1, Issue-10, Dec-2013 A BRIEF STUDY AND COMPARISON OF, OPEN SOURCE INTRUSION DETECTION SYSTEM TOOLS 1SURYA BHAGAVAN AMBATI, 2DEEPTI VIDYARTHI 1,2Defence Institute of Advanced Technology (DU) Pune –411025 Email: [email protected], [email protected] Abstract - As the world becomes more connected to the cyber world, attackers and hackers are becoming increasingly sophisticated to penetrate computer systems and networks. Intrusion Detection System (IDS) plays a vital role in defending a network against intrusion. Many commercial IDSs are available in marketplace but with high cost. At the same time open source IDSs are also available with continuous support and upgradation from large user community. Each of these IDSs adopts a different approaches thus may target different applications. This paper provides a quick review of six Open Source IDS tools so that one can choose the appropriate Open Source IDS tool as per their organization requirements. Keywords - Intrusion Detection, Open Source IDS, Network Securit, HIDS, NIDS. I. INTRODUCTION concentrate on the activities in a host without considering the activities in the computer networks. Every day, intruders are invading countless homes On the other hand, NIDS put its focus on computer and organisations across the country via virus, networks without examining the hosts’ activities. worms, Trojans, DoS/DDoS attacks by inserting bits Intrusion Detection methodologies can be classified of malicious code. Intrusion detection system tools as Signature based detection, Anomaly based helps in protecting computer and network from a detection and Stateful Protocol analysis based numerous threats and attacks.
  • Ten Strategies of a World-Class Cybersecurity Operations Center Conveys MITRE’S Expertise on Accumulated Expertise on Enterprise-Grade Computer Network Defense

    Ten Strategies of a World-Class Cybersecurity Operations Center Conveys MITRE’S Expertise on Accumulated Expertise on Enterprise-Grade Computer Network Defense

    Bleed rule--remove from file Bleed rule--remove from file MITRE’s accumulated Ten Strategies of a World-Class Cybersecurity Operations Center conveys MITRE’s expertise on accumulated expertise on enterprise-grade computer network defense. It covers ten key qualities enterprise- grade of leading Cybersecurity Operations Centers (CSOCs), ranging from their structure and organization, computer MITRE network to processes that best enable effective and efficient operations, to approaches that extract maximum defense Ten Strategies of a World-Class value from CSOC technology investments. This book offers perspective and context for key decision Cybersecurity Operations Center points in structuring a CSOC and shows how to: • Find the right size and structure for the CSOC team Cybersecurity Operations Center a World-Class of Strategies Ten The MITRE Corporation is • Achieve effective placement within a larger organization that a not-for-profit organization enables CSOC operations that operates federally funded • Attract, retain, and grow the right staff and skills research and development • Prepare the CSOC team, technologies, and processes for agile, centers (FFRDCs). FFRDCs threat-based response are unique organizations that • Architect for large-scale data collection and analysis with a assist the U.S. government with limited budget scientific research and analysis, • Prioritize sensor placement and data feed choices across development and acquisition, enteprise systems, enclaves, networks, and perimeters and systems engineering and integration. We’re proud to have If you manage, work in, or are standing up a CSOC, this book is for you. served the public interest for It is also available on MITRE’s website, www.mitre.org. more than 50 years.
  • Analysis and Performance Optimization of E-Mail Server

    Analysis and Performance Optimization of E-Mail Server

    Analysis and Performance Optimization of E-mail Server Disserta¸c~aoapresentada ao Instituto Polit´ecnicode Bragan¸capara cumprimento dos requisitos necess´arios `aobten¸c~aodo grau de Mestre em Sistemas de Informa¸c~ao,sob a supervis~aode Prof. Dr. Rui Pedro Lopes. Eduardo Manuel Mendes Costa Outubro 2010 Preface The e-mail service is increasingly important for organizations and their employees. As such, it requires constant monitoring to solve any performance issues and to maintain an adequate level of service. To cope with the increase of traffic as well as the dimension of organizations, several architectures have been evolving, such as cluster or cloud computing, promising new paradigms of service delivery, which can possibility solve many current problems such as scalability, increased storage and processing capacity, greater rationalization of resources, cost reduction, and increase in performance. However, it is necessary to check whether they are suitable to receive e-mail servers, and as such the purpose of this dissertation will concentrate on evaluating the performance of e-mail servers, in different hosting architectures. Beyond computing platforms, was also analze different server applications. They will be tested to determine which combinations of computer platforms and applications obtained better performances for the SMTP, POP3 and IMAP services. The tests are performed by measuring the number of sessions per ammount of time, in several test scenarios. This dissertation should be of interest for all system administrators of public and private organizations that are considering implementing enterprise wide e-mail services. i Acknowledgments This work would not be complete without thanking all who helped me directly or indirectly to complete it.
  • Linux E-Mail Set Up, Maintain, and Secure a Small Office E-Mail Server

    Linux E-Mail Set Up, Maintain, and Secure a Small Office E-Mail Server

    Linux E-mail Set up, maintain, and secure a small office e-mail server Ian Haycox Alistair McDonald Magnus Bäck Ralf Hildebrandt Patrick Ben Koetter David Rusenko Carl Taylor BIRMINGHAM - MUMBAI This material is copyright and is licensed for the sole use by Jillian Fraser on 20th November 2009 111 Sutter Street, Suite 1800, San Francisco, , 94104 Linux E-mail Set up, maintain, and secure a small office e-mail server Copyright © 2009 Packt Publishing All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews. Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book. Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information. First published: June 2005 Second edition: November 2009 Production Reference: 1051109 Published by Packt Publishing Ltd. 32 Lincoln Road Olton Birmingham, B27 6PA, UK. ISBN 978-1-847198-64-8 www.packtpub.com
  • The Qmail Handbook by Dave Sill ISBN:1893115402 Apress 2002 (492 Pages)

    The Qmail Handbook by Dave Sill ISBN:1893115402 Apress 2002 (492 Pages)

    < Free Open Study > The qmail Handbook by Dave Sill ISBN:1893115402 Apress 2002 (492 pages) This guide begins with a discussion of qmail s history, architecture and features, and then goes into a thorough investigation of the installation and configuration process. Table of Contents The qmail Handbook Introduction Ch apt - Introducing qmail er 1 Ch apt - Installing qmail er 2 Ch apt - Configuring qmail: The Basics er 3 Ch apt - Using qmail er 4 Ch apt - Managing qmail er 5 Ch apt - Troubleshooting qmail er 6 Ch apt - Configuring qmail: Advanced Options er 7 Ch apt - Controlling Junk Mail er 8 Ch apt - Managing Mailing Lists er 9 Ch apt - Serving Mailboxes er 10 Ch apt - Hosting Virtual Domain and Users er 11 Ch apt - Understanding Advanced Topics er 12 Ap pe ndi - How qmail Works x A Ap pe ndi - Related Packages x B Ap pe ndi - How Internet Mail Works x C Ap pe ndi - qmail Features x D Ap pe - Error Messages ndi x E Ap pe - Gotchas ndi x F Index List of Figures List of Tables List of Listings < Free Open Study > < Free Open Study > Back Cover • Provides thorough instruction for installing, configuring, and optimizing qmail • Includes coverage of secure networking, troubleshooting issues, and mailing list administration • Covers what system administrators want to know by concentrating on qmail issues relevant to daily operation • Includes instructions on how to filter spam before it reaches the client The qmail Handbook will guide system and mail administrators of all skill levels through installing, configuring, and maintaining the qmail server.
  • Domain Name Systems-Based Electronic Mail Security

    Domain Name Systems-Based Electronic Mail Security

    DRAFT NIST CYBERSECURITY PRACTICE GUIDE DOMAIN NAME SYSTEMS-BASED ELECTRONIC MAIL SECURITY How-To Guides For Security Engineers Scott Rose William Barker Santos Jha Chinedum Irrechukwu Karen Waltermire NIST SPECIAL PUBLICATION 1800-6C DRAFT NIST Special Publication 1800-6C NIST Cybersecurity Practice Guide DOMAIN NAME SYSTEMS- BASED ELECTRONIC MAIL SECURITY 1800-6C Scott Rose How-To Guides Information Technology Laboratory For Security Engineers National Institute of Standards and Technology William C. Barker Dakota Consulting Silver Spring, MD Santos Jha Chinedum Irrechukwu The MITRE Corporation McLean, VA Karen Waltermire National Cybersecurity Center of Excellence National Institute of Standards and Technology November 2016 U.S. Department of Commerce Penny Pritzker, Secretary National Institute of Standards and Technology Willie May, Under Secretary of Commerce for Standards and Technology and Director DRAFT DISCLAIMER Certain commercial entities, equipment, products, or materials may be identified in this document in order to describe an experimental procedure or concept adequately. Such identification is not intended to imply recommendation or endorsement by NIST or NCCoE, nor is it intended to imply that the entities, equipment, products, or materials are necessarily the best available for the purpose. National Institute of Standards and Technology Special Publication 1800-6C Natl Inst. Stand. Technol. Spec. Publ. 1800-6C, 144 pages (November 2016) CODEN: NSPUE2 Organizations are encouraged to review all draft publications during
  • Network Security Jim Binkley

    Network Security Jim Binkley

    Tools Network Security Jim Binkley. Jim Binkley 1 Outline basic tools netcat intrusion detection – network monitors – net-based audit/analysis (nessus) – net-based signature analysis (snort) (see ASCII lecture) – host-based anomaly analysis (tripwire) web audit/analysis wireless (kismet/netstumbler) attack tools (dsniff, ettercap) remote control/backdoor tools Jim Binkley 2 a few intro thoughts some of these tools can be grouped into different categories BUT then both tripwire and ourmon are intrusion detection tools (what do they have in common?) ID tools may have problems with false-positives attack tools can always be used for defensive purposes or offensive purposes: – nmap used to check for open ports ... any tool may be used for ill (even ping) Jim Binkley 3 information sources: Anti-Hacker Toolkit, Jones, Shema, Johnson. Osborne 2002 Snort FAQ (and book) nmap documentation Hacker’s Exposed in numerous editions Jim Binkley 4 basic tools ping and relatives traceroute tcpdump and other sniffers – ethereal whois and the whois database dig/nslookup and the DNS scanners problem: given email handout, what can you learn about its origin? Jim Binkley 5 ping ping may be used to test basic 2-way connectivity or determine if an ip address space is populated – to stuff an ARP database (HPOV does this) » so that we can see how many hosts we have – to enable a port query because J. Hacker has an exploit Jim Binkley 6 ping may have these options -c <count> - send count pings -n <count> - windows, the same thing -f -
  • Cobbler Documentation Release 3.0.1

    Cobbler Documentation Release 3.0.1

    Cobbler Documentation Release 3.0.1 Enno Gotthold May 27, 2020 Contents 1 Quickstart 3 1.1 Preparing your OS..........................................3 1.2 Changing settings..........................................3 1.3 DHCP management and DHCP server template...........................4 1.4 Notes on files and directories....................................5 1.5 Starting and enabling the Cobbler service..............................5 1.6 Checking for problems and your first sync..............................5 1.7 Importing your first distribution...................................6 2 Install Guide 9 2.1 Prerequisites.............................................9 2.2 Installation.............................................. 10 2.3 RPM................................................. 10 2.4 DEB................................................. 11 2.5 Relocating your installation..................................... 12 3 Cobbler CLI 13 3.1 General Principles.......................................... 13 3.2 CLI-Commands........................................... 14 3.3 EXIT_STATUS............................................ 24 3.4 Additional Help........................................... 24 4 Cobblerd 25 4.1 Preamble............................................... 25 4.2 Description.............................................. 25 4.3 Setup................................................. 26 4.4 Autoinstallation (Autoyast/Kickstart)................................ 26 4.5 Options................................................ 26 5 Cobbler Configuration
  • Cobbler Documentation Release 2.8.5

    Cobbler Documentation Release 2.8.5

    Cobbler Documentation Release 2.8.5 Jörgen Maas Nov 19, 2020 Contents 1 About 3 1.1 Release Notes.........................................3 1.2 Distribution Support......................................5 1.3 Distribution Notes.......................................7 1.4 How We Model Things..................................... 13 2 Installation 15 2.1 Prerequisites.......................................... 15 2.2 Installing from packages.................................... 16 2.3 Installing from Source..................................... 18 2.4 Configuration Files....................................... 20 2.5 Relocating your installation.................................. 21 3 General 23 3.1 Cobbler Primitives....................................... 23 3.2 Cobbler Direct Commands................................... 54 3.3 Cobbler Settings........................................ 69 3.4 Managing Services with Cobbler............................... 90 3.5 Kickstart Templating...................................... 94 3.6 Snippets............................................ 102 3.7 Package Management and Mirroring............................. 112 3.8 File System Information.................................... 114 4 Advanced 119 4.1 Advanced Networking..................................... 119 4.2 SELinux............................................ 122 4.3 Configuration Management.................................. 123 4.4 Extending cobbler....................................... 131 4.5 Power Management...................................... 135 4.6
  • Technical Notes All Changes in Fedora 13

    Technical Notes All Changes in Fedora 13

    Fedora 13 Technical Notes All changes in Fedora 13 Edited by The Fedora Docs Team Copyright © 2010 Red Hat, Inc. and others. The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. The original authors of this document, and Red Hat, designate the Fedora Project as the "Attribution Party" for purposes of CC-BY-SA. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version. Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law. Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, MetaMatrix, Fedora, the Infinity Logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries. For guidelines on the permitted uses of the Fedora trademarks, refer to https:// fedoraproject.org/wiki/Legal:Trademark_guidelines. Linux® is the registered trademark of Linus Torvalds in the United States and other countries. Java® is a registered trademark of Oracle and/or its affiliates. XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries. All other trademarks are the property of their respective owners. Abstract This document lists all changed packages between Fedora 12 and Fedora 13.